From a6713e2186f8c96d5bdb063db05deec84ca6450d Mon Sep 17 00:00:00 2001 From: priyaranjanpatil Date: Tue, 19 Dec 2023 15:07:34 +1100 Subject: [PATCH] code artifact and versioning changes --- .github/workflows/github-actions.yml | 98 +++++++++++++++++++++------- 1 file changed, 75 insertions(+), 23 deletions(-) diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml index 33172ff..1e476b0 100644 --- a/.github/workflows/github-actions.yml +++ b/.github/workflows/github-actions.yml @@ -4,22 +4,22 @@ name: Connect to an AWS role from a GitHub repository # Controls when the action will run. Invokes the workflow on push events but only for the main branch on: push: - branches: [5165-cicd] + branches: [main, 5165-cicd] pull_request: - branches: [5165-cicd] + branches: [main, 5165-cicd] env: ENVIRONMENT: development - AWS_REGION: ap-southeast-2 #MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 - #ECR_REPOSITORY: #########.dkr.ecr.ap-southeast-2.amazonaws.com/aodn-v2 # set this to your Amazon ECR repository name + ECR_REPOSITORY: test # set this to your Amazon ECR repository name ECS_SERVICE: geonetwork4-service #MY_ECS_SERVICE # set this to your Amazon ECS service name ECS_CLUSTER: aodn-imos-v2 # set this to your Amazon ECS cluster name ECS_TASK_DEFINITION: ./geonetwork4-td.json #MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition - # file, e.g. .aws/task-definition.json - CONTAINER_NAME: geonetwork4-container #MY_CONTAINER_NAME # set this to the name of the container in the - # containerDefinitions section of your task definition - #ROLE_ARN: arn:aws:iam::#########:role/tlc-ci-cd - name: development + CONTAINER_NAME: geonetwork4-container # set this to the name of the container in the + CA_DOMAIN: test + CA_DOMAIN_OWNER: test + CA_REPO: test + CA_PACKAGE: test + CA_NAMESPACE: test # Permission can be added at job level or workflow level 
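Review bot: With `main` added under `pull_request`, every pull request against main runs the same job that assumes the AWS role, and no `if:` guard is visible in this patch on the ECS deploy or the new CodeArtifact publish steps, so unmerged code can be deployed and published. Gate those steps with `if: github.event_name == 'push'`, or move them to a separate job triggered by push only. If the role's trust policy is not already pinned to the branch refs via the `token.actions.githubusercontent.com:sub` condition, do that as well. The context comment "only for the main branch" no longer matches the trigger list and should read `# Runs on push and pull_request for main and 5165-cicd`.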
@@ -39,7 +39,7 @@ jobs: with: role-to-assume: ${{ vars.ROLE_ARN }} role-session-name: GitHub_to_AWS_via_FederatedOIDC - aws-region: ${{ env.AWS_REGION }} + aws-region: ${{ vars.AWS_REGION }} # Hello from AWS: WhoAmI - name: Sts GetCallerIdentity run: | @@ -83,14 +83,22 @@ jobs: if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/container_name" ]; then echo "CONTAINER_NAME=$value" >> "$GITHUB_ENV" fi + if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ca_domain" ]; then + echo "CA_DOMAIN=$value" >> "$GITHUB_ENV" + fi + if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ca_domain_owner" ]; then + echo "CA_DOMAIN_OWNER=$value" >> "$GITHUB_ENV" + fi + if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ca_repo" ]; then + echo "CA_REPO=$value" >> "$GITHUB_ENV" + fi + if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ca_package" ]; then + echo "CA_PACKAGE=$value" >> "$GITHUB_ENV" + fi + if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ca_namespace" ]; then + echo "CA_NAMESPACE=$value" >> "$GITHUB_ENV" + fi done - - - name: Print new env var values - ssm parameter store - run: | - printf '%s\n' "$ECR_REPOSITORY" - printf '%s\n' "$ECS_CLUSTER" - printf '%s\n' "$ECS_SERVICE" - printf '%s\n' "$CONTAINER_NAME" - name: Prepare id: prep @@ -104,9 +112,9 @@ jobs: BUILD_ID=${GITHUB_REF/refs\/tags\//} LATEST_ID=latest fi - echo ::set-output name=BUILD_DATE::$(date -u +'%Y-%m-%dT%H:%M:%SZ') - echo ::set-output name=BUILD_ID::${BUILD_ID} - echo ::set-output name=LATEST_ID::${LATEST_ID} >> $GITHUB_OUTPUT + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" + echo "LATEST_ID=$LATEST_ID" + echo "BUILD_ID=$BUILD_ID" >> $GITHUB_OUTPUT - name: Checkout uses: actions/checkout@v3 @@ -130,7 +138,6 @@ jobs: env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} IMAGE_TAG: ${{ steps.prep.outputs.BUILD_ID }} - LATEST_ID: ${{ steps.prep.outputs.LATEST_ID }} run: | # Build a docker container and # be deployed to ECS. 
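Review bot: Nothing in the `@@ -83` hunk checks that the five `ca_*` parameters were actually returned by SSM, and because this commit also sets `CA_DOMAIN`, `CA_REPO` and the others to the placeholder `test` in the workflow `env:`, a missing parameter leaves the publish step running against `test` instead of failing. Drop the placeholder defaults and fail fast in a later step, e.g. `: "${CA_DOMAIN:?not found in SSM}"` for each variable. The values are also appended to `$GITHUB_ENV` verbatim; this presumably relies on them being single-line, which should be confirmed against the loop that sets `name` and `value`, which starts outside the hunk.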
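Review bot: In the `@@ -104` hunk only the `BUILD_ID` line is redirected to `$GITHUB_OUTPUT`; `BUILD_DATE` and `LATEST_ID` are just echoed to the log, so `steps.prep.outputs.BUILD_DATE` becomes empty for any step that still reads it. The commit removes the `LATEST_ID` consumers in later hunks, but nothing shows `BUILD_DATE` being retired. Group the writes and quote the target: `{ echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"; echo "BUILD_ID=$BUILD_ID"; } >> "$GITHUB_OUTPUT"`. The Prepare step's script starts outside the hunk.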
@@ -156,7 +163,6 @@ jobs: env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} IMAGE_TAG: ${{ steps.prep.outputs.BUILD_ID }} - LATEST_ID: ${{ steps.prep.outputs.LATEST_ID }} run: | # Build a docker container and # be deployed to ECS. 
@@ -215,4 +221,50 @@ jobs: exit 1 else echo "Deployment successfull." - fi \ No newline at end of file + fi + + - name: Get and calculate latest package version - AWS CodeArtifact + id: ca-getversion + env: + BUILD_ID: ${{ steps.prep.outputs.BUILD_ID }} + run: | + FLAG_INITIAL=false + + CURRENT_VERSION=$(aws codeartifact list-package-versions --domain $CA_DOMAIN --repository $CA_REPO --format generic --package $CA_PACKAGE --namespace $CA_NAMESPACE --query defaultDisplayVersion | jq -r ".") + echo "current version: $CURRENT_VERSION" + + if [ "$CURRENT_VERSION" == "null" ]; then + CURRENT_VERSION="1.0.0" + FLAG_INITIAL=true + fi + IFS='.' read -ra version_parts <<< "$CURRENT_VERSION" + MAJOR=${version_parts[0]} + MINOR=${version_parts[1]} + NEW_MINOR=$((MINOR + 1)) + if [ "$FLAG_INITIAL" == "true" ]; then + NEW_MINOR="0" + fi + #version format[major.minor.build_number] + #build_number format{BRANCH}-${REVISION}-${TS} + echo "latest_version=$MAJOR.$NEW_MINOR.${{ env.BUILD_ID }}" >> $GITHUB_OUTPUT + + - name: Publish JAR file - AWS CodeArtifact + id: ca-deploy + env: + CA_VERSION: ${{ steps.ca-getversion.outputs.latest_version }} + run: | + export ASSET_SHA256=$(sha256sum ${{ vars.CA_SOURCE_PATH }} | awk '{print $1;}') + #ASSET_SHA256:- This value is used as an integrity check to verify that the assetContent has not changed after it was originally sent or published. + + aws codeartifact publish-package-version \ + --repository $CA_REPO \ + --domain $CA_DOMAIN \ + --domain-owner $CA_DOMAIN_OWNER \ + --format generic \ + --package $CA_PACKAGE \ + --asset-content ${{ vars.CA_SOURCE_PATH }} \ + --package-version ${{ env.CA_VERSION }} \ + --asset-name $CA_PACKAGE \ + --asset-sha256 $ASSET_SHA256 \ + --namespace $CA_NAMESPACE \ + --output text \ No newline at end of file
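Review bot: `${{ env.BUILD_ID }}` in ca-getversion and `${{ env.CA_VERSION }}` / `${{ vars.CA_SOURCE_PATH }}` in ca-deploy are substituted into the script text before bash parses it, and BUILD_ID is derived from the git ref in the Prepare step, so ref text ends up as shell source. Both steps already map these values under `env:`; read them as quoted shell variables instead, and pass `CA_SOURCE_PATH` through `env:` the same way. `CURRENT_VERSION` is also used unchecked: unless pipefail is enabled, a failed `aws` call is masked by the `| jq` pipe and leaves it empty, and `$((MINOR + 1))` evaluates whatever the second field contains. The sketch below rejects any version that does not start with two numeric fields; the remaining `$CA_*` arguments should be quoted too.

```yaml
        run: |
          # … unchanged: FLAG_INITIAL, list-package-versions call, "null" fallback to 1.0.0 …
          if ! [[ "$CURRENT_VERSION" =~ ^[0-9]+\.[0-9]+\. ]]; then
            echo "unexpected package version: $CURRENT_VERSION" >&2
            exit 1
          fi
          # … unchanged: MAJOR / MINOR / NEW_MINOR computation …
          echo "latest_version=$MAJOR.$NEW_MINOR.$BUILD_ID" >> "$GITHUB_OUTPUT"
```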